Dear All
Please recommend my customer have WSS but when use Customer's account for login to portal following document it have error user not available
How to resolve this issue.
Best Regards,
CR
Dear All
Please recommend my customer have WSS but when use Customer's account for login to portal following document it have error user not available
How to resolve this issue.
Best Regards,
CR
Hello,
We usually get Administrator Daily Summary Report from our SEPM servers. But we have noticed one thing that from 14 version onwards we are unable to go through the fields of the Administrator Daily Summary Report. We have tried in almost all browsers (IE,Edge,Chrome and Firefox) and the report is opening but we are unable go through the fields .Especially unable to expand any fields inside .Could you please share your thoughts .Please find the attachments for more details .
Thanks
Sujith
Hello ,
We get file reputation alert from couple of servers with the following information "Reputation check for unproven files failed because of network errors for the last 3 days" .Please note that those servers are hosted on Amazon Cloud and we didn't get any such alert from the servers hosted in office network .Could you please share your thoughts .
Thanks
Sujith
Hi everyone,
i need an answer to an important question. I want to rollout the new version with autoupgrade but without forcing a restart.
Is the client unprotected until the restart? If so i have to force it and communicate about it.
Most employees are on the road with customers and cannot have a popup within a presentation or workshop.
I could not find the information here: https://support.symantec.com/us/en/article.howto80780.html
Best regards
Stephan
Hello ,
I am looking for a script which can alert if a server is missing with SEP client installed .Could you please share your thought and can this be enabled from SEPM console .
Thanks
Sujith
Hello ,
Does any one know about End Of Life Support of following SEP products and versions
SEP 11.X
SEP 12.1.X
SEP 14.0
SEP 14.2 .0
SEP 14.2.X
Thanks
Sujith
Dear All,
Our server (5.39.76.224) has suddenly been tagged with bad reputation preventing us from connecting with several customers and therefore directly impacting our business.
After trying several times to use the Symantec IP Reputation Investigation page (https://ipremoval.sms.symantec.com/ipr/remove) without any outcome, feedback or results (is such page really doing something?) I finally decided to register and create this post and see if it is more successful.
As already reported by many other one´s in this forum, Symantec is the only entity assigning a bad reputation to our server by indicating that this host as been observed sending spam but without providing any evidences of such statement. We don´t even use mailing lists.
It is also rather confusing that we cannot even reply back to customers willing to send us their messages; in most systems this would automatically lead into a "white listing" situation.
A simple search on this subject in the Symantec forum return over 800 entries, is this not an indication that perhaps the methodology should be revisited?
I´m looking forward for your feedback and solutions.
Regards:
Eric
Hi,
I am getting this warning when i try to upload big files more than 10 mb, no issue when the size is less than 10 mb.
WARNING: [6756] Failed to get data from the client., Exception thrown from : ServerShmChannelImpl.cpp(202) FilterTextExtractor.cpp 116
13 févr. 2020 12:01:03 com.vontu.cracker.TextExtractionDelegate getTextForFile
WARNING: Error encountered during content extraction for type [doc].
com.vontu.cracker.ContentExtractorTimeoutException: TimeoutException occured
at com.vontu.cracker.jni.NativeTextExtractor.filterText(NativeTextExtractor.java:51)
at com.vontu.cracker.NativeTextExtractorAdapter.filterText(NativeTextExtractorAdapter.java:40)
at com.vontu.cracker.TextExtractionDelegate.getTextForFile(TextExtractionDelegate.java:63)
at com.vontu.messaging.chain.ComponentQueueProcessor.getTextForComponent(ComponentQueueProcessor.java:531)
at com.vontu.messaging.chain.ComponentQueueProcessor.processBinaryComponent(ComponentQueueProcessor.java:397)
at com.vontu.messaging.chain.ComponentQueueProcessor.processMessageComponents(ComponentQueueProcessor.java:125)
at com.vontu.messaging.chain.MessageContentExtractor.processMessage(MessageContentExtractor.java:184)
at com.vontu.messaging.chain.MessageContentExtractor.processMessage(MessageContentExtractor.java:165)
at com.vontu.messaging.chain.MessageChain.processMessage(MessageChain.java:194)
at com.vontu.messaging.chain.MessageChain.run(MessageChain.java:118)
at java.lang.Thread.run(Thread.java:748)
13 févr. 2020 12:01:03 com.vontu.icap.RequestProcessor handleInductorException
WARNING: On ICAP connection ID=1316 unrecoverable error: Error sending approval. Closing this connection.
and also on the web when i upload i am getting "an icap error was encountered while handling the request"
Can somebody help if they encounter this issue?
Regards
Satyajeet Anand
i have tried to upgrade version of hardware diag but don't have cli cmd following from guide please recommend
on my appliance don't have CLI same below when i access to conf t don't have diag upgrade path cmd
Blue Coat ASG-S400>enable
Enable Password:
Blue Coat ASG-S400#conf t
Enter configuration commands, one per line. End with CTRL-Z.
Blue Coat ASG-S400#(config)diag-upgrade-path https://internalwebserver/s400-3_1_2_1-diag.bcsi
ok
Blue Coat ASG-S400#(config)exit
Blue Coat ASG-S400#load diag-upgrade
Downloading from "https://internalwebserver/s400-3_1_2_1-diag.bcsi"
.
Installing...100%
The new diagnostic software has been successfully downloaded.
From enable mode use "restart upgrade" to install the new diagnostic software.
Blue Coat ASG-S400#restart upgrade
Good Morning,
Gartner in last report about EPP solution wrote about SEP:
Symantec EDR is missing advanced functions for large enterprise customers, such as case management workflow, remote shell response function (due 1Q20) and rapid pivot capabilities from one query to another. EDR does not provide blocking rules although automated actions can be scripted for specific detections. The user interface lacks guided investigation tips or contextual information, which makes it difficult to use for mainstream buyers. EDR and SEP are different management consoles.
What are these blocking rules?
Thanks.
I have generated a new client to push manually to several systems. Our companies requirements dictate that this be a completely silent install, which with /QN should not be an issue.
We have done it plenty of times in the past. But with this newest client, no matter what command line options I use, for example, Setup.exe /qn /L*V C:\log.txt
Nothing happens. Ever. But if I just type setup.exe poof it is off and running with minimal gui. I have tried all manner of the command line switches, alone and in groups.. it never runs on any test boxes, with any of them.
What am I doing wrong?
Hi,
according to Symantec KB, a "TCP Tunnel" service with Detect protocol enabled should be equivalent to "SSL Proxy" service when encountering SSL traffic:
https://support.symantec.com/us/en/article.tech245661.html
Yet the behavior is confusing in the following scenario:
- SSL intercept on exception is enabled (the default)
- TCP Tunnel on port 443 with Detect protocol enabled
- Category "Technology/Internet" is set to Deny in web access policy (this is just an example)
- web site https://veracompadria.com is categorized as "Technology/Internet" and its IP adress has the same category, too.
When accessing the web site, the proxy manages to perform intercept on exception and return HTTP response 403 (denied) to the client, which is expected.
However, the exception template returned is not the HTML data for HTTP traffic but rather the exception text used for all protocols: "$(exception.id): $(exception.details)". This is a very basic message omitting any HTML code we usually return to the user. So, the proxy performs full interception and is able to return HTTP(S) response to the client, but it incorrectly uses the exception template for all protocols (without the html).
Furthermore, if the site above were not categorized as "Technology/Internet" for its *IP address* (but was categorized on url level), the proxy would have returned the full HTTP exception with HTML i.e. "$(exception.format)"
This is completely unexpected behavior. What should be done to get expected HTML exception for https traffic in such cases? I know that reverting to SSL Proxy instead of TCP tunnel would "solve" the problem, but that's not possible for this customer due to other apps not tolerating "SSL proxy" service only.
any insights appreciated.
Above is the expected exception with HTML, below is the unexpected exception.
STEPS | DESCRIPTIONS |
---|---|
1. | Open Symantec Encryption Desktop application |
2. | From Symantec Encryption Desktop window
|
3. | From Encryption Disk or Partition
|
4. | From Unlock Disk pop-up window
|
5. | Once Decryption is completed and Windows 10 Installer is available follow below procedure or continue to step 6.
|
6. | Once Decryption is completed
|
Now you can update Windows 10 and start the encryption once Windows Update is completed.
Hi,
We as a user have a licensed version of SPE which we have installed in Windows Server 2012 Server.
We are using .Net Library of Symantec to send File for scanning. When we were testing out the solution we came to know that the Syamntec is not detecteing virus MS office files. We are using stand EICAR test files for the testing. Normal EICAR .txt files are dtected as a threat by syamntec and the ScanResult object gives out proper message.
But incase of EICAR MS Office files send to Symantec, server the responds as file not infected. The ScanResult object from Symantec says a proper connection to server is establised (ERR_CONN_SUCCESS) but just that file is not infected. The same file is flagged by my local laptop McAfee as infected.
Server Installed : Windows Server 2012
SPE Version : 8.0
In Symantec Console settings, set to scan all files & Bloodhound level is Medium
Could you please let us know what could be the possible issue over here and Could you also send out some Sample test file of all file types which can be tested.
It would be really great if you could respond ASAP, because our production deployment is waiting on this.
Thanks & Regads
Rahul S
Hello,
Following the update to Symantec Endpoint Protection 14.2 RU2 MP1 version, when I send my package in push mode on my non-administrator win 10 clients, once the client is updated, they get the window to be able to push the update or restart the set but no button is active, although it can be seen flashing.
The only way to make the window disappear is to go through windows, restart.
No worries in administrator mode!
Is this a bug?
Thanks for your feedback
We are in a trial of the cloud based enterprise SEP 15 (SES). I cannot get any rfirewall ules to apply. I have a firewall policy assigned. I creeated a new rule at the top of all the rules to block all ICMP rule atest if the rules apply and none do. SEP is in control of the 3 categoires expected under netsh advfirewall show global but no SEP firewal rules work.
If I change the rule to not diasable windows filrewall then Windows blocks ICMP as expected.
When I turn back on SEP firewall policy its rules do not go into affect.
We use SEP SBE in production and that firewall works as expected.
we are perplexed, any ideas?
Hello,
there is a NetApp NFS file share that needs to be scanned and all the files classified (add meta data, visual tags, etc.) based on content. Can ICT connect to and scan NFS shares hosted on NetApp? would it need DLP Network Discover to perform the scanning? I know Network Discover is supposed to be abel to connect to and scan NFS shared, but I have never done it.
Thanks,
Hi;
Can the management centre send a Radius attribute "AVP" to the Radius server? I mean in the Radius Authentication Request? ideally, I would like the Management Centre to send the IP address of the user device supplying the username and password on the Management Centres login page, which in turn will be sent to the Radius server.
So ideally, the MC should send the following to the Radius server: "username+password+the IP address of the device of the user trying to authenticate".
Kindly
Wasfi
How can i register a new serial number......just bought a 25 users Symantec Endpoint Protection and not been able to register or activate.
Dear Experts , Can you please let me know does disabling/ uninstalling the Autolog on feature on the preboot screen of Windows, decrypt the Encryption by any chance? I am updated with the information that it does not decrypt the machine’s encryption. However it will be helpful if you can provide me a knowledge Base Article from the Symantec support which states regarding the Autologon feature and does it Decrypt the drive or the encryption still remains in the computer . Thanks you . Regards, Pritam Chakraborty